R Street highlights national security implications of Trump cybercrime executive order

“President Trump’s cybercrime executive order offers an avenue for the federal government to address the national security implications of cyber-enabled fraud conducted by foreign adversaries, according to Haiman Wong, resident fellow at R Street’s technology and innovation program.

‘Prioritizing and looking at [cybercrime] through a national security lens is something that I’ve been pushing hard for. What we have seen is a lot of the money being stolen from Americans is not going to a mischievous prankster in their mom’s basement. It’s quite literally going to fund a lot of our adversaries,’ Wong told Inside Cybersecurity on the March 6 EO.

The EO focuses on cybercrime and fraud, including directing the creation of an action plan and steps to create a potential victim restoration program.

The EO serves “to combat cybercrime, fraud, and predatory schemes targeting American families, businesses, and critical infrastructure,” according to a fact sheet. The document was published in the wake of the highly-anticipated release of the national cyber strategy, which also addresses cybercrime in a pillar on shaping adversary behavior.

The action plan will be developed by the departments of State, Treasury, Defense, Justice and Homeland Security. The EO sets July 4 deadline for the plan.

The plan should identify the transnational criminal organizations ‘responsible for scam centers and cybercrime and proposes solutions to prevent, disrupt, investigate, and dismantle these TCOs,’ according to the EO.

The EO has a May 6 deadline for the departments to ‘review the relevant operational, technical, diplomatic, and regulatory frameworks in place to determine how each can be improved to best combat TCOs engaged in cyber-enabled crime and similar predatory schemes against Americans.’

‘This action plan shall provide for the creation of an operational cell within the National Coordination Center…which will be responsible for coordinating Federal efforts to detect, disrupt, dismantle, and deter — including by involving the private sector as appropriate — cyber-enabled criminal activity conducted by foreign TCOs and associated networks that target United States persons, businesses, critical infrastructure, or public services,’ the EO says.

The EO says the action plan will also outline ‘relevant technical capabilities, threat intelligence, and operational insights from commercial cybersecurity firms and other non-Federal entities… to enhance attribution, tracking, and disruption of malicious cyber actors and enabling infrastructure engaged in cybercrime, fraud, and predatory schemes’; as well as ‘include mechanisms to improve information sharing, operational coordination, and rapid response across the Federal Government.’

Wong said national security considerations should be addressed in the action plan.

‘This administration does so much about our physical border, but when it comes to our digital border, I would argue that’s even more pressing and urgent, because it’s at everybody’s fingertips,’ Wong said.

Wong said the Trump administration could move more towards ‘understanding with cyber-enabled attacks, there is a cybercrime component, and then there’s a public safety component too…and how those three things very much intersect with national security.’

She added, ‘Coordination and collaboration are paramount’ when standing up the action plan to address cybercrime.

‘The resource and bandwidth issue seems to have been one of the sticking points for [addressing cybercrime.] Anything to do with that coordination and collaboration is a great thing that we would love to see,’ Wong said.”